Meta Platforms Inc., the parent company of Facebook and Instagram, has agreed to settle a $32.8 million data privacy fine with the Nigerian government, marking a significant milestone for digital rights enforcement in Africa.
The fine was imposed by Nigeria’s Data Protection Commission (NDPC) in February 2025 for alleged breaches of the Nigeria Data Protection Act. According to the NDPC, Meta used Nigerian users’ data for behavioural advertising without explicit consent, processed the personal data of non-users, failed to file mandatory compliance audits, and transferred user data abroad without authorisation.
The settlement, expected to be finalised by the end of October 2025, follows months of legal disputes. Meta initially contested the fine and its basis but has now opted for an out-of-court agreement, signalling a willingness to comply with Nigeria’s tightening regulatory framework.
The NDPC has directed Meta to revise its privacy policies, conduct localised data protection impact assessments, and obtain explicit consent from users before any targeted advertising. The outcome could shape how multinational tech companies manage user data and comply with emerging data protection laws across Africa.
This settlement also reflects Nigeria’s growing assertiveness in regulating global technology firms and reinforces the continent’s drive toward stronger digital governance and accountability.
As one NDPC official noted, the case “underscores the importance of respecting user privacy and adhering to national data protection standards.”
It remains to be seen how this agreement will affect Meta’s operations and data practices in Nigeria and across other African markets amid the continent’s push for digital sovereignty and user protection.
Faridah Abdulkadiri
About the Author
